Ransomware - Should You Pay?


Thought Leadership

Ransomware - Should You Pay?

Fred Touchette

After reading an article in SC Magazine this week regarding a talk presented at the Cyber Security Summit 2015 in Boston, I felt I needed to air my own personal opinion on the topic. The talk was made by assistant special agent with the FBI, Joseph Bonavolonta. Now, I wasn't in attendance at this talk, but according to the article, special agent Bonavolonta suggests that businesses that find themselves infected with ransomware heavy hitters such as Cryptolocker or CryptoWall, may be better off just paying the ransom due to the fact that decrypting the hijacked files is just too difficult. I'm not so sure I agree with this line of thought. In fact, I'm sure the majority of people with computers have heard about ransomware by now, and if you hadn't, you're reading about it now and you no longer have an excuse.


Ransomware works by sneaking its way onto a victim's machine by manipulating a security flaw on that particular target. The vulnerabilities leveraged change as the attacker sees fit, often going after major holes in operating systems or their services. Once the malware makes it onto its intended target, it begins encrypting all of the documents it can find. After this, it displays a message to the data's owner that says they must pay a ransom, usually between $500 and $2000 US, if they want to get their files back. The truth is, you've likely read about Cryptolocker before. But have you backed up your files yet? Have you updated your software recently? If you know about these attacks and you've done nothing about it, expect to be very upset in the very near future. These threats are real and ubiquitous and they feed off of people with the "it can't happen to me" attitude.

However, thwarting these attacks is very very simple: first, shore up your IT security defenses and then BACK UP YOUR FILES! The answer isn't to wait until you get infected and then pay these cyber terrorists their ransom. Don't reward these terrorists with your negligence and your money. In fact, the reason the bad guys continue to use techniques such as ransomware is because it's working for them. If victims wouldn't pay up, they would stop, and all anyone has to do to prevent ransomware in the first place is to back up their files. Have you still not done it yet? Do it today; do it now! While you're at it, update your software too. Software updates often contain security patches that mend holes where ransomware is installed. Lastly, have layered cybersecurity in place. Layered security, like Web protection and spam and virus filtering, can prevent ransomware from ever coming into your inbox or being downloaded from the Web.

Don't wait until you're a victim and then try to fix things; take simple routine precautions to protect yourself before there's a problem. It's much cheaper than supporting cyber terrorism. Now go backup your files and update your software!